Secure SHell (SSH)
Chapter 7
Network & Security Gildas Avoine SUMMARY OF CHAPTER 7
Primer Security Mechanism File Transfer Port Forwarding Conclusion PRIMER
Primer Security Mechanism File Transfer Port Forwarding Conclusion Security Over the Transport Layer
To offer a single secure service (web, mail, login), it is better to secure the data at the transport layer than at the network layer.
Two most commonly used protocols are:
◦ SSH (Secure SHell, 1995, Port 22) : allows secure logins, file transfer, etc.
◦ SSL/TLS (Secure Socket Layer, 1995): allows securing any TCP based service (https, pop3s, telnets, ftps, esmtp,...).
Gildas Avoine Chapter 7: Secure SHell (SSH) 4 SSH Objectives
SSH (RFC 4251) implements secure communication channels over insecure networks in a client-server session. ◦ Confidentiality, authenticity, integrity.
Original philosophy. ◦ User-friendly (SSH designed to replace telnet, rlogin, rsh, ftp). ◦ Ready to use without any complicated installation.
The security level is not so high, but much higher than telnet-like tools: data is encrypted, passwords are no longer exchanged in the clear.
Gildas Avoine Chapter 7: Secure SHell (SSH) 5 Products
SSH created and commercialized by Tatu Yl¨onenin Finland (www.ssh.com).
OpenSSH is a public domain implementation. ◦ OpenSSH is a library that allows creating SSH servers and clients.
Examples of clients: Putty, SecureCRT,...
Gildas Avoine Chapter 7: Secure SHell (SSH) 6 SSH Versions
SSH1 (1995). ◦ RSA (patented till 2000). ◦ 3DES, Blowfish, and possibly IDEA (not free for commercial use). ◦ CRCs to verify the data’s integrity. ◦ Attacks possible, even though limited.
SSH2 (2006). ◦ DSA (copyrights free) to authenticate the server. ◦ MAC instead of CRC. ◦ Standardized by the IETF, available in open source.
Gildas Avoine Chapter 7: Secure SHell (SSH) 7 SECURITY MECHANISM
Primer Security Mechanism File Transfer Port Forwarding Conclusion Architecture
Transport layer (RFC-4253) ◦ Handles server authentication, cryptographic protocols agreement, initial key exchange, ...
Client/User authentication layer (RFC-4252) ◦ Handles client authentication.
Connection layer (RFC-4254) ◦ Manages the services: Shell, SFTP, SCP, port-forwarding,...
Gildas Avoine Chapter 7: Secure SHell (SSH) 9 Transport Layer: Authenticating the Server
Gildas Avoine Chapter 7: Secure SHell (SSH) 10 Server Authentication Procedure
Server and Client negotiate the cryptographic protocols.
Server and Client agree on a symmetric key (DH protocol)
Server signs the exchanged information using its private key.
Server sends its public key (along with a certificate if any).
Gildas Avoine Chapter 7: Secure SHell (SSH) 11 Packet Sniffing during SSH Server Authentication
Gildas Avoine Chapter 7: Secure SHell (SSH) 12 Verifying the Server Public Key
First connection: ◦ Client checks the certificate, or ◦ Client requests user to authenticate public key by other means. ◦ Client stores the public key in a local database (.ssh/known hosts)
Next connections: ◦ Client checks the public key from the local database.
Gildas Avoine Chapter 7: Secure SHell (SSH) 13 Critical Assumptions
Public key authentication in first connection must be secure, otherwise server can be impersonated.
The local database must have integrity protection, otherwise the server public key can be replaced by another one.
Gildas Avoine Chapter 7: Secure SHell (SSH) 14 Illustrated Recap (1/3)
Source: Van Dyke Software, 2004
Gildas Avoine Chapter 7: Secure SHell (SSH) 15 Illustrated Recap (2/3)
Source: Van Dyke Software, 2004
Gildas Avoine Chapter 7: Secure SHell (SSH) 16 Illustrated Recap (3/3)
Source: Van Dyke Software, 2004
Gildas Avoine Chapter 7: Secure SHell (SSH) 17 Main Client Authentication Methods
The user provides a password.
The client provides once his public key to the server, and then use his private key upon server request (e.g. Git repositories).
Gildas Avoine Chapter 7: Secure SHell (SSH) 18 FILE TRANSFER
Primer Security Mechanism File Transfer Port Forwarding Conclusion File Transfer with SSH
We can transfer files in a secure way using the SCP command: ◦ scp mylocalfile.txt [email protected]:myremotefile.txt ◦ scp username@remote-server:myremotefile.txt .
No NAT-related problem (cf. active/passive FTP).
Gildas Avoine Chapter 7: Secure SHell (SSH) 20 PORT FORWARDING
Primer Security Mechanism File Transfer Port Forwarding Conclusion Port Forwarding
Port forwarding: allows carrying any TCP connection across a SSH connection.
Only the connection between the SSH client and the SSH server is protected.
Gildas Avoine Chapter 7: Secure SHell (SSH) 22 Local Port Forwarding
The SSH client can forward a local port towards a given destination via an intermediate SSH server.
The client application is configured to connect to a local port instead of a remote server.
Gildas Avoine Chapter 7: Secure SHell (SSH) 23 Remote Port Forwarding
Port forwarding can also be done in the other direction.
◦ Eg. tunnel from home to work initiated before leaving the office.
◦ Eg. X Windows sessions, with SSH –X.
Gildas Avoine Chapter 7: Secure SHell (SSH) 24 Dynamic Port Forwarding
The SSH server behaves like a SOCKS Proxy.
Gildas Avoine Chapter 7: Secure SHell (SSH) 25 Example 1: Local Port Forwarding
Gildas Avoine Chapter 7: Secure SHell (SSH) 26 Example 1 (cont’)
Gildas Avoine Chapter 7: Secure SHell (SSH) 27 Example 2: Local Port Forwarding
Source: http://toic.org/blog/2010/ssh-port-forwarding/#.VQCI6-HS07y ssh -L 0.0.0.0:66732:remote.gameserver:66732 [email protected]
Gildas Avoine Chapter 7: Secure SHell (SSH) 28 CONCLUSION
Primer Security Mechanism File Transfer Port Forwarding Conclusion Conclusion
ssh -L
ssh -R
ssh -D
Gildas Avoine Chapter 7: Secure SHell (SSH) 30 References
Comparison of SSH clients. ◦ http://en.wikipedia.org/wiki/Comparison of SSH clients
Port forwarding ◦ http://www.securityfocus.com/infocus/1816
Gildas Avoine Chapter 7: Secure SHell (SSH) 31